diff options
| author | Jorge C. Leitão <jorgecarleitao@gmail.com> | 2013-12-30 08:37:27 +0100 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2014-06-13 09:34:04 -0400 |
| commit | cc35bd461d35da2b03c0a1a8ff92123d716db9a9 (patch) | |
| tree | d7888fe76589fb3683250e4840c47962fb5e80c3 /docs/ref | |
| parent | 504c89e8008c557a1e83c45535b549f77a3503b2 (diff) | |
Fixed #7599 -- Added get_user_permissions to ModelBackend.
Thanks to @gdub for the report and intial patch and
@charettes and @timgraham for the review.
Diffstat (limited to 'docs/ref')
| -rw-r--r-- | docs/ref/contrib/auth.txt | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/docs/ref/contrib/auth.txt b/docs/ref/contrib/auth.txt index 0f60ba0cfd..dcddc84283 100644 --- a/docs/ref/contrib/auth.txt +++ b/docs/ref/contrib/auth.txt @@ -425,6 +425,54 @@ The following backends are available in :mod:`django.contrib.auth.backends`: :class:`~django.contrib.auth.models.User` and :class:`~django.contrib.auth.models.PermissionsMixin`. + :meth:`has_perm`, :meth:`get_all_permissions`, :meth:`get_user_permissions`, + and :meth:`get_group_permissions` allow an object to be passed as a + parameter for object-specific permissions, but this backend does not + implement them other than returning an empty set of permissions if + ``obj is not None``. + + .. method:: authenticate(username=None, password=None, **kwargs) + + Tries to authenticate ``username`` with ``password`` by calling + :meth:`User.check_password + <django.contrib.auth.models.User.check_password>`. If no ``username`` + is provided, it tries to fetch a username from ``kwargs`` using the + key :attr:`CustomUser.USERNAME_FIELD + <django.contrib.auth.models.CustomUser.USERNAME_FIELD>`. Returns an + authenticated user or ``None``. + + .. method:: get_user_permissions(user_obj, obj=None) + + .. versionadded:: 1.8 + + Returns the set of permission strings the ``user_obj`` has from their + own user permissions. Returns an empty set if the user + :meth:`~django.contrib.auth.models.AbstractBaseUser.is_anonymous`. + + .. method:: get_group_permissions(user_obj, obj=None) + + Returns the set of permission strings the ``user_obj`` has from the + permissions of the groups they belong. Returns an empty set if the user + :meth:`~django.contrib.auth.models.AbstractBaseUser.is_anonymous`. + + .. method:: get_all_permissions(user_obj, obj=None) + + Returns the set of permission strings the ``user_obj`` has, including + both user permissions and groups permissions. Returns an empty set if + the user + :meth:`~django.contrib.auth.models.AbstractBaseUser.is_anonymous`. + + .. method:: has_perm(user_obj, perm, obj=None) + + Uses :meth:`get_all_permissions` to check if ``user_obj`` has the + permission string ``perm``. Returns ``False`` if the user is not + :meth:`~django.contrib.auth.models.CustomUser.is_active`. + + .. method:: has_module_perms(self, user_obj, app_label) + + Returns whether the ``user_obj`` has any permissions on the app + ``app_label``. + .. class:: RemoteUserBackend Use this backend to take advantage of external-to-Django-handled |
